Ransomware Bl00Dy - Lockbit

Bl00Dy ransomware relies on LockBit 3.0 builder

The Bl00Dy ransomware gang used the LockBit 3.0 builder, leaked on the internet last week, to carry out a new attack with tools that are now available to everyone.

Last week, following a dispute between a LockBit developer and the leaders of this ransomware group, the builder for the LockBit 3.0 ransomware was released. As a result, anyone can use the LockBit 3.0 builder to create their own ransomware, with its encryption and decryption functions, for use in cyberattacks. The builder includes an easily customizable configuration file, notably for customizing ransom notes, which makes it easier for new ransomware to emerge.

What had to happen has happened: a recently created ransomware group named “Bl00Dy” used the tools available online to carry out an attack against a Ukrainian entity. Several experts, including MalwareHunterTeam, analyzed the ransom note and the traces left by this attack and determined that it was indeed the LockBit 3.0 encryption tool. For example, the Bl00Dy group previously used the .bl00dy extension for encrypted files, but this time they could not, because the extension is not a customizable option in the LockBit 3.0 builder.

This group is relatively new as it started operations in May 2022, targeting a group of medical and dental practices based in New York.

It is not surprising to see cybercriminals from the Bl00Dy group use the LockBit 3.0 builder, because they are not used to developing their own tools. Previously, they took advantage of other ransomware leaks to launch attacks, including Babuk and Conti. This is a way to try to circumvent detection systems, but also to take advantage of the features integrated into the builder used. In this case, LockBit 3.0 is a very complete and formidable ransomware, at the origin of many cyberattacks, in particular the one that affected the Corbeil-Essonnes Hospital.
